From ee0ce8cc7652211860c1ade5373326bd32f541a2 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Sun, 5 Nov 2017 09:15:08 +0800
Subject: [PATCH] coverity-fixes

---
 lib/http2/hpack.c                                | 16 ++++++++--------
 lib/private-libwebsockets.h                      |  4 ++++
 lib/server/lws-spa.c                             |  2 ++
 lib/server/server.c                              |  3 +++
 .../generic-sessions/protocol_lws_messageboard.c |  4 +++-
 plugins/protocol_lws_mirror.c                    |  2 +-
 plugins/ssh-base/sshd.c                          |  8 ++++++++
 7 files changed, 29 insertions(+), 10 deletions(-)

diff --git a/lib/http2/hpack.c b/lib/http2/hpack.c
index eb1e97cf..7641e837 100644
--- a/lib/http2/hpack.c
+++ b/lib/http2/hpack.c
@@ -88,15 +88,15 @@
           +-------+-----------------------------+---------------+
 */
 
-static const uint8_t static_hdr_len[] = {
+static const uint8_t static_hdr_len[62] = {
 		0, /* starts at 1 */
-		10, 7, 7, 5, 5, 7, 7, 7, 7, 7,
-		7, 7, 7, 7, 14, 15, 15, 13, 6, 27,
-		3, 5, 13, 13, 19, 16, 16, 14, 16, 13,
-		12, 6, 4, 4, 6, 7, 4, 4, 8, 17,
-		13, 8, 19, 13, 4, 8, 12, 18, 19,
-		5, 7, 7, 11, 6, 10, 25, 17, 10, 4,
-		3, 16
+		10,  7,  7,  5,  5,    7,  7,  7,  7,  7,
+		 7,  7,  7,  7, 14,   15, 15, 13,  6, 27,
+		 3,  5, 13, 13, 19,   16, 16, 14, 16, 13,
+		12,  6,  4,  4,  6,    7,  4,  4,  8, 17,
+		13,  8, 19, 13,  4,    8, 12, 18, 19,  5,
+		 7,  7, 11,  6, 10,   25, 17, 10,  4,  3,
+		16
 };
 
 static const unsigned char static_token[] = {
diff --git a/lib/private-libwebsockets.h b/lib/private-libwebsockets.h
index 7247bfc8..4f0b3743 100644
--- a/lib/private-libwebsockets.h
+++ b/lib/private-libwebsockets.h
@@ -27,6 +27,10 @@
 #define  _GNU_SOURCE
 #endif
 
+#if defined(__COVERITY__)
+typedef struct { long double x, y; } _Float128;
+#endif
+
 #ifdef LWS_HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
diff --git a/lib/server/lws-spa.c b/lib/server/lws-spa.c
index 73117c50..e845a5fb 100644
--- a/lib/server/lws-spa.c
+++ b/lib/server/lws-spa.c
@@ -333,6 +333,8 @@ retry_as_first:
 			if (!strcmp(s->temp, "name")) {
 				if (s->mp < sizeof(s->name) - 1)
 					s->name[s->mp++] = *in;
+				else
+					s->mp = (int)sizeof(s->name) - 1;
 				s->name[s->mp] = '\0';
 				goto done;
 			}
diff --git a/lib/server/server.c b/lib/server/server.c
index b06ab682..db059542 100644
--- a/lib/server/server.c
+++ b/lib/server/server.c
@@ -2389,6 +2389,9 @@ lws_server_socket_service(struct lws_context *context, struct lws *wsi,
 			goto try_pollout;
 		}
 		
+		if (len < 0) /* coverity */
+			goto fail;
+
 		if (wsi->mode == LWSCM_RAW) {
 			n = user_callback_handle_rxflow(wsi->protocol->callback,
 					wsi, LWS_CALLBACK_RAW_RX,
diff --git a/plugins/generic-sessions/protocol_lws_messageboard.c b/plugins/generic-sessions/protocol_lws_messageboard.c
index 8e66cd5b..26c05811 100644
--- a/plugins/generic-sessions/protocol_lws_messageboard.c
+++ b/plugins/generic-sessions/protocol_lws_messageboard.c
@@ -367,7 +367,9 @@ callback_messageboard(struct lws *wsi, enum lws_callback_reasons reason,
 
 	default:
 passthru:
-		return vhd->gsp->callback(wsi, reason, pss ? pss->pss_gs : NULL, in, len);
+		if (!pss)
+			break;
+		return vhd->gsp->callback(wsi, reason, pss->pss_gs, in, len);
 	}
 
 	return 0;
diff --git a/plugins/protocol_lws_mirror.c b/plugins/protocol_lws_mirror.c
index eeb5cce5..77c1039e 100644
--- a/plugins/protocol_lws_mirror.c
+++ b/plugins/protocol_lws_mirror.c
@@ -245,7 +245,7 @@ callback_lws_mirror(struct lws *wsi, enum lws_callback_reasons reason,
 
 			mi->next = v->mi_list;
 			v->mi_list = mi;
-			strcpy(mi->name, pn);
+			lws_snprintf(mi->name, sizeof(mi->name) - 1, "%s", pn);
 			mi->rx_enabled = 1;
 
 			lwsl_notice("Created new mi %p '%s'\n", mi, pn);
diff --git a/plugins/ssh-base/sshd.c b/plugins/ssh-base/sshd.c
index bc9dfb1a..f5a7fbad 100644
--- a/plugins/ssh-base/sshd.c
+++ b/plugins/ssh-base/sshd.c
@@ -2102,6 +2102,8 @@ lws_callback_raw_sshd(struct lws *wsi, enum lws_callback_reasons reason,
 
         case LWS_CALLBACK_RAW_ADOPT:
 		lwsl_info("LWS_CALLBACK_RAW_ADOPT\n");
+		if (!vhd)
+			return -1;
 		pss->next = vhd->live_pss_list;
 		vhd->live_pss_list = pss;
 		pss->parser_state = SSH_INITIALIZE_TRANSIENT;
@@ -2127,6 +2129,8 @@ lws_callback_raw_sshd(struct lws *wsi, enum lws_callback_reasons reason,
                 break;
 
 	case LWS_CALLBACK_RAW_CLOSE:
+		if (!pss)
+			return -1;
 		lwsl_info("LWS_CALLBACK_RAW_CLOSE\n");
 		lws_kex_destroy(pss);
 		lws_ua_destroy(pss);
@@ -2149,6 +2153,8 @@ lws_callback_raw_sshd(struct lws *wsi, enum lws_callback_reasons reason,
 		break;
 
 	case LWS_CALLBACK_RAW_RX:
+		if (!pss)
+			return -1;
 		if (parse(pss, in, len))
 			return -1;
 		break;
@@ -2549,6 +2555,8 @@ bail:
 		break;
 
 	case LWS_CALLBACK_CGI_TERMINATED:
+		if (!pss)
+			break;
 		if (pss->vhd && pss->vhd->ops &&
 		    pss->vhd->ops->child_process_terminated)
 		    pss->vhd->ops->child_process_terminated(pss->ch_temp->priv,
-- 
GitLab